See the NOVUS Walkthrough Guide for further information.
The WHO program is used to add, remove, and manage the users of the system, access levels and limits within the system (for example funding, rate of exchange manipulation etc.)
Until at least one user is able to access NOVUS, the application software cannot be used to set up subsequent users. Creating the initial user is therefore a special task, which was done when the system was first installed. A special script is available should this be necessary.
Once the initial system user has been created, that user if given an adequate authorisation level can add additional users using the WHO program. However, for a new user to be able to access the system, they must also have the correct network environment, a dedicated home directory and access to the WP area mapped to drive W:
The WHO program described here deals only with the database considerations (the last of the above tasks). Your system administrator will need to perform the other steps.
The initial screen within the WHO program displays Users for all departments. Use the drop-down box to filter for a specific department or use the search functionality to find a specific user.
The listing screen shows the following details:
|Display Name||The full name of the user|
|Windows Login||The users display name as used in the system|
|Login to XXX [Database ID]||Dataset acronym|
|NOVUS User||Y (checked) or N (unchecked). Producers may be added without the need to be licensed NOVUS users but this field must be set to N (unchecked).|
|Enabled/Disabled||When a user is no longer employed their ID should be set to 'disabled'|
|Company Role|| Choose between compliance officer, producer or standard user. This operates in conjunction with the NOVUS User Y (checked)/N (unchecked) field. A producer cannot be the compliance officer. Multiple users can be assigned the role of a compliance officer to manage compliance functionality across the business. Stop flags on partners can be removed by anyone with company role C or authorisation level 8. Users assigned the compliance officer role with a valid email address will receive notification of failed sanctions checks and routine sanctions checking reports.
Multiple users can be assigned the company role of a compliance officer, to enable more than a single user to manage the compliance-related functionality within NOVUS (e.g., sanctions checking, stop flag removal). This means that a stop flag on a PARTNER could be removed by anyone with company role C or authorisation level 8, to allow for a larger compliance team. Any user assigned the compliance officer role with a valid email address will receive email notification of failed sanctions checks and routine sanctions checking reports.
|Email Address||This address is used on documents such as statements and London premium advice notes (LPANS), and the console messaging service.|
|Telephone||This is used on documents such as statements.|
|Department||Staff departments are created in CODES [[System_Codes_and_Groups#GID_64_-_Staff_Departments!(GID 64) - see System Codes and Groups for a full list.|
|Head of Department||Y (checked) or N (unchecked)|
The rate of exchange variance, underwriting rate variance from the rating engine and the maximum amount in base currency equivalent a User has access to are created in the accounting tab, together with whether the user can fund a transaction (e.g. payout before the money is matched in)
The user authorisation levels and program groups work together. A user can only access a program provided the authorisation level in their user profile is equal to or higher than the program’s security level, and the program's group is listed in their available program groups in their profile. Each user may have a number of groups in their profile which are denoted by a letter of the alphabet.
There is no specific meaning for each letter used and it is up to the system administrator as to how many groups are created. It may be that the group letters represent areas of the organisation (for example C for claims, A for accounting) but these can be further broken down into areas of the system within those teams (for example, N may be suitable to group the nominal ledger programs, S for security or system admin, G for general and E for enquiry screens).
It is important to note that there are enquiry screens across the system, which operate at a more granular level. Here the letter used may not be indicative of the name given to the group (i.e. Y for nominal ledger enquiry screens).
The structure of the program groups is specified by organisational requirements. By assigning a program group letter to a program in the TITLE program, the letter will automatically have relevance in the WHO program.
Additionally, each user has a defined personal authorisation Level, therefore in each group of programs the user has access to, the authorisation Level criteria must be met in order to either access the program itself or perform a task within the program.
The key authorisation Levels are 5, 8 and 9.
The default authorisation level is set to 5 for all new users unless specifically requested to be increased. Programs such as CODES, SYSP, COUNTERS and PARTNER amongst others would normally be set in the TITLE program to authorisation Level 8. Thus a user with program group S and authorisation Level 8 would be able to use these programs and perform all tasks within them.
See the TITLE program for the grouping of the programs into the specified groups.
If an organisation wishes for a program not to be used, it can be put into an unused letter group and authorisation Level 9; this will preclude any user including the administrator from being able to use that program.
Audit trails can be controlled for all the key points in the system to be printed on the user's default windows printer or suppressed.
6.2.0 – Updated to the latest version.
6.1.0 – Updated to the latest version.
4.2.0 – Updated to latest version.
V68P: Change the program to allow the user to query by enabled/disabled state.
V60M: Checks User has 'alter user' database permissions to 'disable' a User and appropriate grant privileges to pass these on to a user promoted to auth_level '9'.